[nmglug] Questions about claiming
ABQLUG
community at abqlug.com
Wed Sep 2 18:38:37 PDT 2020
Hey John et al,
I totally high-jacked this thread, sorry!
Having deployed Jitsi-meet, I feel comfortable saying that security is
not really a priority for the Jitsi team. I'm not complaining, I just
don't have that kind of confidence yet.
My current understanding of what makes something HIPAA certified is
actually pretty open to interpretation.
There are lists you can google to see what makes something compliant.
They pretty much just expect the traffic and data to be encrypted. With
a "strong" firewall and good intrusion detection set up.
Looking up HIPAA compliance for Managed Service Providers is a lot
harder to find good info though...
I can't tell if you have to pay someone to have the ability to legally
say that you are "able to provide X with HIPAA complaince".
But if there was some form of "pay-to-play" to become HIPAA compliant,
wouldn't that be easier to find?
Maybe I'm wrong, I would love to know.
~ Jared
On Sep 2 2020 3:01 PM, John Osmon wrote:
> On Wed, Sep 02, 2020 at 02:20:55PM -0600, ABQLUG wrote:
>> [...] would a self-hosted
>> Jitsi-meet server be considered to be HIPPA-compliant if there is an
>> active firewall? I wonder...
>
> Would it be as safe? Probably.
>
> It is only HIPPA compliant when someone has been paid to check off
> the box that says it is compliant.
>
> Never confuse security with compliance. :-)
> _______________________________________________
> nmglug mailing list
> nmglug at lists.nmglug.org
> http://lists.nmglug.org/listinfo.cgi/nmglug-nmglug.org
More information about the nmglug
mailing list